-
Notifications
You must be signed in to change notification settings - Fork 47
Getting Basic Authorization Header to stay permanent #102
Comments
Thank you for reporting the issue @AndrewChenUoA! The way headers authentication headers are set can be different on each hosting environment so we can't really have a generic solution that would work for all setups. Nginx and Apache have different ways of doing that, for example and Nginx doesn't support dynamic configuration as Apache in Could you try placing the Here is a great article explaining the lifecyle of |
Makes sense - I should have reported that I'm using Wordpress 5.3.2 on an Apache box with PHP 7.1.33. I've just put the custom line above the Worth noting that the
I guess my assumption was that we don't necessarily want to stop WordPress from updating |
Thanks for bringing up that quote. Turns out there a way to actually append additional rewrite rules using the So I'm re-opening this issue to add the required headers automatically. |
I'm getting the same message. I don't have .htaccess in my root directory (or I accidentally overwrote it). Should I copy and paste the entire code block mentioned here? Or just add that line outside of the code block and see if WordPress creates or updates the .htaccess? Update: Here are the contents:
NOTE: When I added the rewrite rule outside of the WordPress block after the last line it didn't work. When I put it directly above the first line it did work and the warning went away.
|
Just noting that this functionality is added to the PR to implement this in Core. |
I've followed the instructions at https://github.com/WordPress/application-passwords/wiki/Basic-Authorization-Header----Missing and can see that API requests are coming through to Wordpress and are authenticated. Great!
Unfortunately, then when I active/deactivate/modify any plugin, Wordpress overwrites the .htaccess file and wipes out the change. I believe this might be related to the issues described in #95. Maybe this is something that only happens with later versions of Wordpress.
My guess is that I need to write a Wordpress filter somewhere in a PHP file. I'm not that familiar with PHP, and would appreciate if anyone can provide clear instructions on how to do this? But also, if we are modifying PHP files to get this request in... why can't the Application Passwords plug-in do it as well?
The text was updated successfully, but these errors were encountered: